Understanding the Human Component of Your Cyber Team
Category: Cybersecurity Training | December 5, 2021 | by arpit
Cyber teams rely on powerful cybersecurity tools and technologies to successfully defend against cyber-attacks, yet the human component is just as crucial to their success. But what exactly is the human component of a cyber team and how do you nurture and develop this critical component? Learn more about this pressing cybersecurity issue in Understanding the Human Component of Your Cyber Team.
Tags: cyber attacks, Cyber Range, Cyber Simulation, Malware, Ransomware, SOC

Soft Skills, Not Just Technical Skills, Critical to SOC Team Readiness
Category: Cybersecurity Training | November 18, 2021 | by arpit
There are more than 460,000 open cyber-related jobs in the U.S., according to Cyberseek.org, and the onus to attract the talent to fill these positions is primarily on CISOs and SOC team managers. They are responsible for finding not only the talent with the right cybersecurity skillsets, but also the talent with the skillsets that […]
Tags: Cyber Range, Cyber Simulation, Malware, SOC

The Updated OWASP Top 10 and Its Implications for Cyber Skills Development
Category: Cybersecurity Training | November 16, 2021 | by arpit
The OWASP Top 10 has caused a buzz among cybersecurity professionals. It’s been updated and there are lots of changes. In this week’s blog, “The Updated OWASP Top 10 and Its Implications for Cyber Skills Development”, we look at the latest OWASP Top 10 list, how it’s changed and the implications of OWASP security risks. Find out what they mean for your SOC and how the Cyberbit platform can give your SOC team the knowledge, skills, and experience needed for rapid detection and response to OWASP Top 10 vulnerabilities.
Tags: cyber attacks, Cyber Range, Cyber Simulation, Malware, OWASP, SOC

Breach Attack Simulation (BAS) vs. SOC Team Readiness Platform
Category: Cybersecurity Training | September 30, 2021 | by arpit
In the world of cybersecurity, SOC teams, and cybersecurity skills development, there is often some confusion or questions regarding a breach attack simulation (BAS) vs. a SOC team readiness platform, as both are used extensively and carry great value in upskilling SOC teams and improving cybersecurity postures. However, there are some critical differences between the […]
Tags: cyber attacks, Cyber Range, Cyber Security Training, Cyber Simulation, Malware, SOC

HawkEye Malware Changes Keylogging Technique
Category: Endpoint Security | August 13, 2019 | by arpit
Cyberbit Labs have observed that HawkEye malware variants have changed their keylogging technique. Until now, the most pervasive keylogger malware technique was to register a procedure into the message hook chain of a window using the SetWindowsHookExA API. The new variants exploit the RegisterRawInputDevices API to register for input from the keyboard. This technique is not a new one. […]
Tags: Hawkeye, Keylogging, Malware

Hawkeye Malware Analysis
Category: Endpoint Security | May 19, 2019 | by arpit
What is Hawkeye Malware? Hawkeye malware is a credential-stealing malware that is sold as software-as-a-service. It uses keylogging to target the endpoint and a free tool, contained in an encrypted resource section of the binary, to extract sensitive login data from web browsers. Hawkeye is a file-less attack that can often evade signature-based detection […]
Tags: Hawkeye, Malware

New Ursnif Malware Variant – a Stunning Matryoshka (Матрёшка)
Category: Endpoint Security | January 30, 2019 | by arpit
Ursnif malware is an information-stealing/banking Trojan that has been around since 2016 and continues to evolve. Its capabilities include stealing of: system information; list of installed applications; list of installed drivers; list of running processes; list of network devices; external IP address; email credentials (IMAP, POP3, SMTP); cookies; certificates; screen video captures (.AVI); Financial […]
Tags: Malware, ursnif

New ‘Early Bird’ Code Injection Technique Discovered
Category: Endpoint Security | April 11, 2018 | by arpit
This injection technique allows the injected code to run before the entry point of the main thread of the process, thereby allowing it to avoid detection by anti-malware products’ hooks. Code injection is commonly used by malware to evade detection by injecting malicious code into a legitimate process. This way the legitimate process serves as […]
Tags: code injection, EDR, Malware

Petya Ransomware: What’s Old, What’s New and What You Should Do
Category: Endpoint Security | June 27, 2017 | by arpit
A new strain of the Petya ransomware has been spreading rapidly over the last 24 hours. The new variant attacked critical infrastructure, airports, pharmaceutical companies, and public transit companies throughout Europe, Asia, and North America. This post will provide a brief overview of the old and new tactics used by the new Petya, and a comprehensive […]
Tags: Malware, Petya, Ransomware